The Ukrainian Main Intelligence Directorate (GUR) announced on Saturday a successful cyberattack against IPL Consulting, a Russian company specializing in implementing information systems for Russian industry. It comes days after a powerful attack on the far-east branch of Planeta, a Russian hydrometeorology center providing weather data to Russia’s defense sector.
The attacks continue Ukraine’s efforts to cripple the Russian defense industry, which include drone attacks on Russian defense factories, as Russia dedicates record funds to fund its war against Ukraine in 2024. They continue Ukraine’s strategy of “death by a thousand cuts,” as volunteer hackers cooperate with the state to bleed Russia financially over hacker disruptions.
According to the GUR statement, IPL Consulting billed itself as one of Russia’s most high-tech companies, assisting institutions involved in automotive, aviation, heavy machinery, equipment, and instrument manufacturing, including for the Russian defense-industrial complex.
The GUR said its experts “infiltrated IPL Consulting’s internal network and destroyed the company’s entire 60+ terabyte IT infrastructure, dozens of servers and databases.” The value of Russia’s lost digital assets is still being calculated, the GUR said, adding that “in the context of ongoing sanctions pressure against Russia, the damage inflicted is extremely painful.”
The attack will also impact dozens of Russian defense companies relying on IPL Consulting, the statement said.
Ukrainian hacker attack on Russian Space Hydrometeorology Center
This attack on IPL consulting comes days after a reported Ukrainian hacker attack on Russia’s Planeta Center for Space Hydrometeorology, which provided weather data to Russia’s Defense Ministry.
On 24 January, the Ukrainian Main Intelligence Directorate (GUR) reported that hackers affiliated with the Ukrainian hacktivist group “BO Team” infiltrated and destroyed the database of Planeta’s Far East branch, the largest of the company’s three regional hubs.
The GUR states that Planeta’s Far East branch is the leading organization in Russia’s Far East for operating and developing Earth observation systems from space. It is the largest of Planeta’s three regional subsidiaries and specializes in receiving and processing data from Russian and foreign satellites.
Planeta provides satellite imagery and hydrometeorological, natural resource, and oceanographic data to over 50 regular customers, especially Russia’s Defense Ministry, Emergencies Ministry, Northern Fleet, and scientific research groups.
According to the GUR, the cyberattack destroyed 280 servers on Planeta’s network and wiped about 2 petabytes (200 million gigabytes) of data. This included unique long-term research, meteorological, and satellite data regularly used by over 50 Russian government entities. The estimated value of Russia’s lost digital assets is at least $10 million.
Additionally, the GUR states that the supercomputers equipped at the Far East branch have been paralyzed and are not fully restorable due to sanctions limiting Russia’s ability to acquire the needed software. The attack also disrupted the facility’s climate control, emergency power, and other support systems.
Ukraine’s hacker army and the cyberwar with Russia
Over two years of Russia’s invasion, Ukraine has built a volunteer hacker army from scratch, using targeted DDoS attacks and causing significant damage to Russia’s infrastructure.
- On 19 January 2024, Ukrainian hackers were reported to have stolen technical documents on 500 Russian defense facilities.
- On 9 January 2024, Ukrainian hackers allegedly tied to security services attacked a Moscow internet provider, erasing 20TB of data and websites, disrupting internet access.
- On 21 December, 2023, Ukrainian hackers targeted Russia’s major water supply company, causing a technical failure and impacting mobile services, as they encrypted over 6,000 computers during the attack.
Ukraine itself constantly experiences Russian hacker attacks.